How to Spell Security B-O-M

April 4, 2019
Before you can talk about application security you first need to know: Which applications are deployed where (i.e., an application inventory)? What comp...

Security vs “One Size Fits All” Runtime Environments

March 28, 2019
When developing with open source languages the simplest and quickest solution is to grab whatever reputable packaged runtime environment you can find,...

DevSecOps: Turning Disillusionment into Enlightenment

Dana Crane, February 28, 2019
The purpose and intent of DevSecOps is to create the mindset within the enterprise that “everyone is responsible for security.” In order t...

Tracking Application Risk without the Risk of an Agent

October 4, 2018
In recent years security has taken a back seat to time-to-market. We’ve moved from a waterfall to an agile software methodology and left ourselves wit...

Shift Left – How to Secure your Source Code

Dana Crane, October 2, 2018
You hear “shift left” tossed around in software development circles these days. It’s like the secret passphrase you need to know to get into the secur...

Why Baking Security Into Products is Important

Jeff Rouse, February 22, 2018
Organizations are focused on releasing software faster to stay ahead of the competition. Software development processes have become more flexible, pus...

Shifting Security Left, into the Application

farshada-d2, January 30, 2018
How do you: ensure you don’t join the trash heap of hacked enterprises? make security part of the SDLC from the get-go and not an afterthought? addres...